package com.dldata.display.control.Login;

import com.dldata.base.businessmodel.SessionUserInfoEntity;
import com.dldata.display.entity.LogUserLoginEntity;
import com.dldata.display.entity.SysStaffEntity;
import com.dldata.display.entity.SysUserInfoEntity;
import com.dldata.display.entity.SysUserOnlineEntity;
import com.dldata.display.service.Log.LogUserLoginService;
import com.dldata.display.service.System.SysDictionaryItemService;
import com.dldata.display.service.System.SysStaffService;
import com.dldata.display.service.System.SysUserInfoService;
import com.dldata.display.service.System.SysUserOnlineService;
import com.dldata.display.utils.DateUtil;
import com.dldata.display.utils.ServerCache;
import com.dldata.display.utils.StringUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.security.MessageDigest;
import java.sql.Time;
import java.sql.Timestamp;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.UUID;

/**
 * Created by 倪继文 on 2016/8/22.
 */
@Controller
@RequestMapping(value = "/user")
public class UserLoginController {

    private Logger logger = LoggerFactory.getLogger(this.getClass());

    @Autowired
    SysUserInfoService sysUserInfoService;

    @Autowired
    SysUserOnlineService sysUserOnlineService;

    @Autowired
    SysStaffService  sysStaffService;

    @Autowired
    LogUserLoginService logUserLoginService;

    @Autowired
    SysDictionaryItemService sysDictionaryItemService;

    @RequestMapping(value = "/login")
    public String login(HttpServletRequest request, HttpServletResponse response) throws Exception {


//        String jsonString= "'Id':'','Name':''}";
//        JSONObject fromObject = JSONObject.fromObject(jsonString);
//        List<JSONObject> fromObjectlist=null;
//        fromObjectlist.add(0,fromObject);.

        String result;

        String loginname = request.getParameter("username").trim();
        String loginpwd = request.getParameter("password").trim();
        String client = request.getParameter("client");
        String syscode = request.getParameter("syscode");
        String rememberMe = request.getParameter("rememberMe");


        String serverurl = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort();

        HttpSession session = request.getSession();
        //根据loginname和syscode查询出在UserOnline表中的最新记录,同一系统不让重复登录
        List<SysUserOnlineEntity> userOnlineEntities = new ArrayList<SysUserOnlineEntity>();
        try {
            userOnlineEntities = sysUserOnlineService.getUserOnlineByLoginName(loginname, syscode);
        } catch (Exception ex) {
            result = "{\"success\":false,\"msg\":\"系统错误，请稍候再试！\"" + ex.getMessage().replace("\r", "").replace("\n", "") + "}";
            StringUtil.writeToWeb(result, "html", response);
            return null;
        }
        //验证loginid 和 password
        SysUserInfoEntity userInfo = null;
        try {
            userInfo = sysUserInfoService.checkUserInfo(loginname,syscode);
            //session.setAttribute("userid",userInfo.getId());
        } catch (Exception ex) {
            result = "{\"success\":false,\"msg\":\"系统错误，请稍候再试！\"" + ex.getMessage().replace("\r", "").replace("\n", "") + "}";
            StringUtil.writeToWeb(result, "html", response);
            return null;
        }

        if (userOnlineEntities.size() > 0) {
            SysUserOnlineEntity userOnlineEntity = userOnlineEntities.get(0);

            Timestamp perLogintime = userOnlineEntity.getLoginTime();
            Timestamp nowLogintime = new Timestamp(new Date().getTime());

            long minutes = (nowLogintime.getTime() - perLogintime.getTime()) / (1000 * 60);

            if(userInfo.getIsCheck()){
                if (minutes < 3) {
                    result = "{\"success\":false,\"msg\":\"用户正在使用，请稍后再登录！\"" + "}";
                    StringUtil.writeToWeb(result, "html", response);
                    return null;
                } else {
                    sysUserOnlineService.deleteOnlineInfos(userOnlineEntities);
                }
            }


        }

        if (userInfo == null) {
            result = "{\"success\":false,\"msg\":\"登录名不存在，请重新填写！\"" + "}";
            StringUtil.writeToWeb(result, "html", response);
            return null;
        }

        String pwd = toMD5(userInfo.getLoginName() + loginpwd);
        if (!userInfo.getLoginPwd().equals(pwd)) {
            result = "{\"success\":false,\"msg\":\"密码错误，请重新填写！\"" + "}";
            StringUtil.writeToWeb(result, "html", response);
            return null;
        }

        SimpleDateFormat df=new SimpleDateFormat("yyyyMMdd");
//        String rand = df.format(new Date().getTime());
//        String sysUd = directoryConfig.getSys_udun_vali();
//        if(!rand.equals(dlAdmin)&&!"dlUdun".equals(sysUd) /*&& sysUserInfoPtEntity != null*/){
//            if(sysUserInfoPtEntity == null||sysUserInfoPtEntity.getXlh() ==null ||sysUserInfoPtEntity.getPowerFile() == null){
//                result = "{\"success\":false,\"msg\":\"用户未授权！，请联系管理员！\"" + "}";
//                StringUtil.writeToWeb(result, "html", response);
//                return null;
//            }
//            if (!sysUserInfoPtEntity.getXlh().equals(xlh)) {
//                result = "{\"success\":false,\"msg\":\"U盾设备号不匹配，请联系管理员！\"" + "}";
//                StringUtil.writeToWeb(result, "html", response);
//                return null;
//            }
//            if (!sysUserInfoPtEntity.getPowerFile().equals(powerFile)) {
//                result = "{\"success\":false,\"msg\":\"授权文件不匹配，请联系管理员！\"" + "}";
//                StringUtil.writeToWeb(result, "html", response);
//                return null;
//            }
//        }



        // 如果勾选记住自己，把账号密码写入cookie
        if (rememberMe != null && rememberMe.equals("on")) {
            //创建两个Cookie对象
            Cookie nameCookie = new Cookie("username", loginname);
            //设置Cookie的有效期为7天
            nameCookie.setMaxAge(60 * 60 * 24 * 7);
            nameCookie.setPath("/");
//            Cookie pwdCookie = new Cookie("password", loginpwd);
//            pwdCookie.setMaxAge(60 * 60 * 24 * 7);
//            pwdCookie.setPath("/");
            response.addCookie(nameCookie);
//            response.addCookie(pwdCookie);
        }else {
            //创建两个Cookie对象
            Cookie nameCookie = new Cookie("username", loginname);
            //设置Cookie的有效期为7天
            nameCookie.setMaxAge(0);
            nameCookie.setPath("/");
            Cookie pwdCookie = new Cookie("password", loginpwd);
            pwdCookie.setMaxAge(0);
            pwdCookie.setPath("/");
            response.addCookie(nameCookie);
            response.addCookie(pwdCookie);
        }


        Cookie cookie1 = new Cookie("dlsso", userInfo.getId());
        cookie1.setPath("/");
        response.addCookie(cookie1);

        Cookie cookie2 = new Cookie("syscode", syscode);
        cookie2.setPath("/");
        response.addCookie(cookie2);

        if (userInfo != null) {
            Cookie cookie3 = new Cookie("userid", userInfo.getId());
            //Cookie cookie3 = new Cookie("userid", loginname);
            cookie3.setPath("/");
            response.addCookie(cookie3);
        }

        Cookie cookie4 = new Cookie("dlSSOServerUrl", serverurl);
        cookie4.setPath("/");
        response.addCookie(cookie4);


        long time = System.currentTimeMillis();
        String timeString = userInfo.getId() + time;
        //ServerCache.TICKET_AND_NAME.put(timeString, loginname);
        ServerCache.TICKET_AND_NAME.put(timeString, userInfo.getId());

        //保存在在线用户表
        SysUserOnlineEntity userOnlineEntity = new SysUserOnlineEntity();
        userOnlineEntity.setId(UUID.randomUUID().toString());
        userOnlineEntity.setUserId(userInfo.getId());
        userOnlineEntity.setTokenId(String.valueOf(time));
        userOnlineEntity.setLoginTime(new Timestamp(new Date().getTime()));
        userOnlineEntity.setSessionId(request.getSession().getId());
        userOnlineEntity.setSysCode(syscode);


        //保存用户登录日志
        LogUserLoginEntity userLoginEntity = new LogUserLoginEntity();
        userLoginEntity.setId(UUID.randomUUID().toString());
        userLoginEntity.setSysCode(syscode);
        userLoginEntity.setUserId(userInfo.getId());
        userLoginEntity.setLoginIp(getIp(request));
        userLoginEntity.setLoginDate(DateUtil.getSqlDate());
        Date now = new Date();
        SimpleDateFormat dateFormat = new SimpleDateFormat("HH:mm:ss");
        String loginTime = dateFormat.format(now);
        userLoginEntity.setLoginTime(Time.valueOf(loginTime));

        try {
            sysUserOnlineService.save(userOnlineEntity);
            logUserLoginService.save(userLoginEntity);

            //HttpSession session = request.getSession();
            //session.setAttribute("syscode",syscode);

        } catch (Exception ex) {
            result = "{\"success\":false,\"msg\":\"系统错误，请稍候再试！\"}";
            logger.error("【执行" + this.getClass().getName() + ".login() 方法失败 】异常：" + ex.getMessage());
            StringUtil.writeToWeb(result, "html", response);
            return null;
        }


        StringBuilder url = new StringBuilder();

        url.append("/index/index");
        if (0 <= client.indexOf("?")) {
            url.append("&");
        } else {
            url.append("?");
        }
        url.append("ticket=").append(timeString);
        url.append("&");
        url.append("serverURL=").append(serverurl);
        result = "{\"success\":true,\"url\":\"" + url + "\"}";

        SysStaffEntity sysStaffEntity=sysStaffService.getStaffByID(userInfo.getId());

        SessionUserInfoEntity sessionUserInfoEntity=new SessionUserInfoEntity();
        sessionUserInfoEntity.setKid("");
        sessionUserInfoEntity.setKname("");
        sessionUserInfoEntity.setUcode(sysStaffEntity.getCode());
        sessionUserInfoEntity.setLname(userInfo.getLoginName());
        sessionUserInfoEntity.setUid(userInfo.getId());
        sessionUserInfoEntity.setUname(sysStaffEntity.getName());
        request.getSession().setAttribute(com.dldata.base.utils.Public.SESSION_USER_KEY,sessionUserInfoEntity);

        Cookie sessionUsercookie = new Cookie(com.dldata.base.utils.Public.SESSION_USER_KEY, sessionUserInfoEntity.createCookieJson());
        sessionUsercookie.setMaxAge(60*60*6);
        sessionUsercookie.setPath("/");
        response.addCookie(sessionUsercookie);

        StringUtil.writeToWeb(result, "html", response);



        return null;
    }



    @RequestMapping(value = "/tologin/{loginurl}")
    public String gotologin( @PathVariable("loginurl") String loginurl, ModelMap model, HttpServletRequest request, HttpServletResponse response) throws Exception {

        String client = request.getParameter("client");
        String sysCode = request.getParameter("syscode");
        String dlAdmin = request.getParameter("dlAdmin");
        model.addAttribute("dlAdmin", dlAdmin);
        model.addAttribute("client", client);
        model.addAttribute("syscode", sysCode);

        HttpSession session = request.getSession();
        String str = dlAdmin+sysCode+client;
        Object paramsError = session.getAttribute("paramsError");
        if(paramsError != null){
            model.addAttribute("paramsError", paramsError.toString());
        }

        session.removeAttribute("paramsError");
        String reg = "[a-zA-Z0-9]";
        for(int i=0;i<str.length();i++){
            if(!str.substring(i,i+1).matches(reg)){
                session.setAttribute("paramsError","参数中含有非法字符！");
                response.sendRedirect("/");
                break;
            }
        }

        String name = ""; //用户名
        String password = ""; //密码
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (cookie.getName().equals("username")) {
                    name = cookie.getValue();
                    model.addAttribute("username", name);  //存用户名
                }
                if (cookie.getName().equals("password")) {
                    password = cookie.getValue();
                    model.addAttribute("password", password); //存密码
                }
            }
        }

        if (StringUtils.isEmpty(loginurl)) {
            return "/login/login";
        } else {
            return "/login/" + loginurl;
        }
    }

    public String toMD5(String plainText) {
        StringBuffer buf = new StringBuffer("");
        try {
            //生成实现指定摘要算法的 MessageDigest 对象。
            MessageDigest md = MessageDigest.getInstance("MD5");
            //使用指定的字节数组更新摘要。
            md.update(plainText.getBytes());
            //通过执行诸如填充之类的最终操作完成哈希计算。
            byte b[] = md.digest();
            //生成具体的md5密码到buf数组
            int i;

            for (int offset = 0; offset < b.length; offset++) {
                i = b[offset];
                if (i < 0)
                    i += 256;
                if (i < 16)
                    buf.append("0");
                buf.append(Integer.toHexString(i));
            }
//            System.out.println("32位: " + buf.toString());// 32位的加密
//            System.out.println("16位: " + buf.toString().substring(8, 24));// 16位的加密，其实就是32位加密后的截取
        } catch (Exception e) {
            e.printStackTrace();
        }
        return buf.toString();
    }

    // 获取客户端IP
    private String getIp(HttpServletRequest request) {
        String ip = request.getHeader("X-Forwarded-For");
        if (org.apache.commons.lang.StringUtils.isNotEmpty(ip) && !"unKnown".equalsIgnoreCase(ip)) {
            //多次反向代理后会有多个ip值，第一个ip才是真实ip
            int index = ip.indexOf(",");
            if (index != -1) {
                return ip.substring(0, index);
            } else {
                return ip;
            }
        }
        ip = request.getHeader("X-Real-IP");
        if (org.apache.commons.lang.StringUtils.isNotEmpty(ip) && !"unKnown".equalsIgnoreCase(ip)) {
            return ip;
        }
        return request.getRemoteAddr();
    }

}
